Openfire5.0.2
Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache License. It uses the only widely adopted open protocol for instant messaging, XMPP Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.
The IgniteRealtime community is happy to announce a new release of its open source, real-time communications server server Openfire! Version 5.0.2 brings a number of stability improvements and bug fixes.
Notably, it addresses a recently identified security vulnerability, identifies as CVE-2025-59154. The issue allows for potential identity spoofing via unsafe Common Name attribute parsing. It is mostly applicable to what we perceive to be niche use-cases of Openfire. Please read the full security advisory for more information.
Openfire 5.0.2 is a bugfix release, with various bugfixes and improvements. Of particular interest to some will be the improvements made to the SystemD-based scripts (used in many Linux environments), which remove a few annoyances that were introduced in Openfire 5.0.1. Please refer to the full changelog for more details.
You can obtain the new version of Openfire for your platform from its download page. The checksums for the binaries are:
4e907c615b3a19af0a1b5ab68ae24825b737496f9cf1715c9feafe8f909086da openfire-5.0.2-1.noarch.rpm
21271a6f22895852e50712236c45c7d213430171d5a3178474b8398f036ac07a openfire_5.0.2_all.deb
06794a12acdd8f23ca3c40fcd7af1677d8108b4b23bb72424c2751b30cfb3d14 openfire_5_0_2.dmg
c1e830b5e016d0bcff40005cc7bb14c846fe0ec26fc5a3fc967c30e5b6d2e356 openfire_5_0_2.exe
c84ca15cd470d3233add97c852c738eb373859dc9968ad34ec581725164c8114 openfire_5_0_2.tar.gz
98b5cf96326c668efb18cd9347b808a5ef85162b4a0b703aaf8e29d82cc6c727 openfire_5_0_2_x64.exe
8e09ca3dc7fb84b116ce95d10bfa3ff045708cdac4b23bd3d78ccf318e8742d8 openfire_5_0_2.zip
We’d love to hear from you! Please join our community forum or group chat and let us know what you think!
For other release announcements and news follow us on Mastodon or X
Recently, Guus and and I co-authored XEP-0483: HTTP Online Meetings. I have just finished implementing the XEP across three Openfire plugins (ofmeet, galene and orinayo)
I also implemented it in the client olmeet plugins for both spark and conversejs.
So what’s the benefit?
Both spark and pade can now:
- auto-discover what audio/video conferencing service is available and configured in Openfire (jitsi, galene or broadcastbox),
- request for a web app URL and use it to
- invite others to the meeting. If their client supports XEP-0483, the web app will be opened in the client otherwise, it will be opened in the desktop web browser.
- fallback on a static base URL configured in client if their XMPP server does not yet support xep-0483.
For other release announcements and news follow us on Mastodon or X
Empowering Digital Sovereignty with Openfire: A Secure and Customizable Communication Platform
2 months, 1 week agoIn today’s interconnected world, digital sovereignty has become increasingly important for individuals and organizations seeking to maintain control over their data, infrastructure, and technologies. Openfire, an open-source, real-time collaboration (RTC) server that uses the XMPP (Extensible Messaging and Presence Protocol) protocol, offers a secure and customizable communication platform.
About Openfire
Openfire, produced by the IgniteRealtime community, is a mature, robust and scalable XMPP server that facilitates real-time communication and collaboration. It supports a wide range of features, including instant messaging, group chat, voice and video calls, and file sharing. Openfire’s open-source nature and extensive plugin architecture make it a versatile and customizable solution for organizations of all sizes. Openfire’s compatibility with various XMPP clients, including but not limited to IgniteRealtime’s own Pádè and Spark clients, further enhances its versatility and utility.
Data Privacy and Security
One of the key aspects of digital sovereignty is the ability to protect sensitive information and ensure data privacy. Openfire provides a secure communication platform that supports end-to-end encryption, secure authentication, and fine-grained access control. By hosting Openfire in-house or on a private cloud, organizations can maintain control over their communication data and reduce the risk of data breaches or unauthorized access. Additionally, Openfire’s open-source nature allows users to audit the code and verify the security of the platform, further enhancing trust and transparency.
Customization and Flexibility
Openfire offers a high degree of customization and flexibility, enabling organizations to tailor the platform to their specific needs and requirements. With a wide range of plugins and extensions, Openfire can be easily integrated with existing systems and workflows, allowing users to create a communication environment that aligns with their unique processes and preferences. This enables organizations to maintain control over their communication tools and adapt them to their evolving needs.
Compliance and Regulatory Control
Openfire’s customizable and secure nature makes it an ideal platform for organizations operating in regulated industries or jurisdictions with strict data protection laws. By hosting Openfire in-house or on a private cloud, organizations can ensure that their communication data remains within their control and complies with relevant regulations. Furthermore, Openfire’s extensive logging and monitoring capabilities enable users to demonstrate compliance and maintain a clear audit trail of their communication activities.
Interoperability with Other XMPP Solutions
Openfire’s interoperability with other XMPP-based platforms and clients is another significant advantage. By supporting the XMPP protocol, Openfire enables seamless communication and collaboration with users on other XMPP servers and clients, fostering a decentralized and open communication ecosystem. This interoperability allows organizations to maintain control over their communication infrastructure while still being able to connect and collaborate with external partners, customers, or stakeholders. Moreover, Openfire’s compatibility with other XMPP solutions reduces the risk of vendor lock-in and promotes a more open and competitive market for communication tools.
Conclusion
Openfire offers a powerful and secure communication platform that supports digital sovereignty by enabling organizations to maintain control over their data, infrastructure, and technologies. With its robust security features, customization capabilities, compliance-friendly nature, and interoperability with other XMPP solutions like Pádè and Spark, Openfire empowers users to create a communication environment that aligns with their unique needs and requirements. As digital sovereignty continues to gain importance in today’s interconnected world, Openfire provides a valuable solution for organizations seeking to enhance their autonomy, privacy, and security in digital interactions.
For other release announcements and news follow us on Mastodon or X
In January 2007, Ignite Realtime released the red5 plugin for Openfire which added the flash based open source Red5 media server as a plugin to Openfire (Wildfire). A year later, we added red5Phone, the first open source SIP based soft phone in a web browser.
Eighteen years later, WebRTC is now well established as the leading standard for audio and video conferencing and all that leading edge pioneer work here at Ignite evolved into Pàdé the web client, it’s supporting Openfire plugin and other plugins and clients supporting other audio and video use cases beyond meetings.
XMPP is now back in fashion and Openfire has always been a choice XMPP solution because it has the X factor. It is eXperienced, eXtensible, fleXible, eXperimental and eXciting and allowing use to easily integrate it with a wider diversity of signalling and media protocols and services.
However, the new attraction for XMPP is the push for open standards and messaging interoperability. Consequently, being able to also provide media (audio and video) interoperability in XMPP through Openfire will become one of the things we choose to focus on at Ignite going forward with audio and video communications. As previously hinted, we are moving forward with simplified, easy to maintain open standards that make media interoperability possible.
For now, that will be Online Meetings for audio and video conferencing services that have a web front end UI like Jitsi, Galene and BroadcastBox. For deeper integration into XMPP, that will be the Media Streams which is the XMPP wrapper to WHIP and WHEP.
In practice, it means development will stop on the Pade plugin for Openfire and all Jitsi based development and integration will only continue with Openfire Meetings plugin (ofmeet) which will become XEP 483 compliant. The Galene plugin for Openfire will also become XEP 483 compliant and both plugins can serve the new Online Meetings plugin for in ConverseJS web client.
The Openfire plugin called Ohun for audio conferencing is deprecated and a new plugin called OrinAyo which supports both music streaming and audio conferencing is in development and will become available very soon.
For other release announcements and news follow us on Mastodon or X
Openfire 5.0.1 has been released!
Openfire, created by the Ignite Realtime community is a powerful chat server that lets you communicate in real-time with your team or friends. It’s like having your own private messaging solution, but with more control and customization options.
Following the release of Openfire 5.0.0 last week, a few annoying issues were reported. These are addressed in this new release:
- The Windows Launcher works again
- The bundled ‘search’ plugin is updated to address an issue in the admin console
- Certificate-based authentication can be used again with client connections
- Improvements were applied to the detection of invalid (‘ghost’) group chat users that originate from federated domains.
- The Admin Console translations for the French and Dutch languages got a significant update. Many thanks to the community members that provided those translations!
This update should be a drop-in replacement for version 5.0.0. You can find the installers in the usual places, like our Downloads page!
The 5.0.1 release of Openfire is a direct result of receiving contributions and feedback from the community. Keep it coming! As you can see, your effort, no matter how big or small, can have a direct result! Please join our community forum or group chat and let us know what you think!
Finally: GitHub appears to claim that this is our 100th release of Openfire/Wildfire. We’re not at all sure that’s an accurate count, but we’ll take the opportunity to celebrate anyway! 
Come join the celebrations in our chatroom! The fiftieth person to join wins a no-expenses-paid day trip to the nearest park bench!
For other release announcements and news follow us on Mastodon or X
